<?php

function renderForm($id,$event_name, $date, $time,$venue, $keyOne, $keyTwo, $keyThree, $error)
{
?>	
	
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
 <?php 

 if ($error != '')
 {
 echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
 }
 ?> 
<form action="" method="post">
  <input type="hidden" name="id" value="<?php echo $id; ?>"/>
 <div>
 <strong>Event Name*</strong> <input type="text" name="event_name" value="<?php echo $event_name; ?>"/><br/>
 
 <strong>Date*</strong> <input type="text" name="date" value="<?php echo $date; ?>"/><br/>

 <strong>Time*</strong> <input type="text" name="time" value="<?php echo $time; ?>"/><br/>

 
 <strong>Venue*</strong> <input type="text" name="venue" value="<?php echo $venue; ?>"/><br/>

 
 <strong>keyOne </strong> <input type="text" name="keyOne" value="<?php echo $keyOne; ?>"/><br/>

 
 <strong>keyTwo </strong> <input type="text" name="keyTwo" value="<?php echo $keyTwo; ?>"/><br/>

 
 <strong>keyThree </strong> <input type="text" name="keyThree" value="<?php echo $keyThree; ?>"/><br/>
 <p>* Required</p>
 
 
 <input type="submit" name="submit" value="Update">
 </div>
 </form> 
 </body>
 </html> 
 
 
 <?php
}


$con = mysql_connect("localhost","root","kabra");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("db2", $con);

 if (isset($_POST['submit']))
 	 {
 
 $id = $_POST['id'];
 $event_name = mysql_real_escape_string(htmlspecialchars($_POST['event_name']));
 
 $date = mysql_real_escape_string(htmlspecialchars($_POST['date']));
 
 $time = mysql_real_escape_string(htmlspecialchars($_POST['time']));
 
 $venue = mysql_real_escape_string(htmlspecialchars($_POST['venue']));
 
 $keyOne = mysql_real_escape_string(htmlspecialchars($_POST['keyOne']));
 
 $keyTwo= mysql_real_escape_string(htmlspecialchars($_POST['keyTwo']));
 
 $keyThree = mysql_real_escape_string(htmlspecialchars($_POST['keyThree']));
 
  if ($event_name == '' || $date == '')
 {

 $error = 'ERROR: Required fields cannot be left empty!';
 

  renderForm($id,$event_name, $date, $time,$venue, $keyOne, 				  $keyTwo, $keyThree, $error);
  }
  
  else
  
  {
 mysql_query("UPDATE events2 SET event_name='$event_name', date='$date', time='$time', venue='$venue', keyOne='$keyOne', keyTwo='$keyTwo', keyThree='$keyThree' WHERE id='$id' ")
 or die(mysql_error()); 
 

 header("Location: eventsView.php"); 
 }
  }
 
 
if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0)
 {$id = $_GET['id'];
 $result = mysql_query("SELECT * FROM events2 WHERE id=$id")
 or die(mysql_error()); 
 $row = mysql_fetch_array($result); 
 
 if ($row)
 
 {
 $event_name = $row['event_name'];
 $date = $row['date'];
  $time = $row['time'];
 $venue = $row['venue'];
 $keyOne = $row['keyOne'];
 $keyTwo = $row['keyTwo'];
 $keyThree = $row['keyThree'];
 
 // show form
 renderForm ($id, $event_name, $date, $time, $venue, $keyOne, 				  $keyTwo, $keyThree,'');
 }
 
 else
 // if no match, display result
 {
 echo "No results!";
 }
 }
 else
 // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
 {
 echo 'Error!';
 }
?>